﻿<?php
     function getParameter($pname){
          return isset($_POST[$pname])?$_POST[$pname]:"";
     }

     $code               = "abcd1234";
     $merchantnumber     = getParameter('merchantnumber');
     $ordernumber        = getParameter('ordernumber');
     $amount             = getParameter('amount');
     $paymenttype        = getParameter('paymenttype');

     $serialnumber       = getParameter('serialnumber');
     $writeoffnumber     = getParameter('writeoffnumber');
     $timepaid           = getParameter('timepaid');
     $tel                = getParameter('tel');
     $hash               = getParameter('hash');

     $verify = md5("merchantnumber=".$merchantnumber.
                   "&ordernumber=".$ordernumber.
                   "&serialnumber=".$serialnumber.
                   "&writeoffnumber=".$writeoffnumber.
                   "&timepaid=".$timepaid.
                   "&paymenttype=".$paymenttype.
                   "&amount=".$amount.
                   "&tel=".$tel.
                   $code);
     
     print "verify=".$verify;
     if(hash!=verify){
          //-- 驗證碼錯誤，資料可能遭到竄改，或是資料不是由ezPay簡單付發送
          print "驗證碼錯誤!".
                "\nhash=".hash.
                "\nmerchantnumber=".$merchantnumber.
                "\nordernumber=".$ordernumber.
                "\nserialnumber=".$serialnumber.
                "\nwriteoffnumber=".$writeoffnumber.
                "\ntimepaid=".$timepaid.
                "\npaymenttype=".$paymenttype.
                "\namount=".$amount.
                "\ntel=".$tel;
     }else{
          //-- 驗證正確，請更新資料庫訂單狀態
          print "驗證碼正確!".
                "\nmerchantnumber=".$merchantnumber.
                "\nordernumber=".$ordernumber.
                "\nserialnumber=".$serialnumber.
                "\nwriteoffnumber=".$writeoffnumber.
                "\ntimepaid=".$timepaid.
                "\npaymenttype=".$paymenttype.
                "\namount=".$amount.
                "\ntel=".$tel;
     }
?>
